[Libreoffice-commits] core.git: 2 commits - download.lst external/lcms2
Michael Stahl
mstahl at redhat.com
Mon Aug 29 14:49:12 UTC 2016
download.lst | 6 --
external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1 | 25 ++++++++++
external/lcms2/UnpackedTarball_lcms2.mk | 1
3 files changed, 27 insertions(+), 5 deletions(-)
New commits:
commit da7d3f708d0619fdb17128ffbaa430becb79121f
Author: Michael Stahl <mstahl at redhat.com>
Date: Mon Aug 29 13:07:03 2016 +0200
lcms2: Out-of-bounds read in Type_MLU_Read() (rhbz#1367357)
Change-Id: I9c5a442125476412435ebefea29ad1b166faab8a
diff --git a/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1 b/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1
new file mode 100644
index 0000000..913f828
--- /dev/null
+++ b/external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1
@@ -0,0 +1,25 @@
+From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001
+From: Marti <marti.maria at tktbrainpower.com>
+Date: Mon, 15 Aug 2016 23:31:39 +0200
+Subject: [PATCH] Added an extra check to MLU bounds
+
+Thanks to Ibrahim el-sayed for spotting the bug
+---
+ src/cmstypes.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/cmstypes.c b/src/cmstypes.c
+index cb61860..c7328b9 100644
+--- a/src/cmstypes.c
++++ b/src/cmstypes.c
+@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU
+
+ // Check for overflow
+ if (Offset < (SizeOfHeader + 8)) goto Error;
++ if ((Offset + Len) > SizeOfTag + 8) goto Error;
+
+ // True begin of the string
+ BeginOfThisString = Offset - SizeOfHeader - 8;
+--
+2.7.4
+
diff --git a/external/lcms2/UnpackedTarball_lcms2.mk b/external/lcms2/UnpackedTarball_lcms2.mk
index 6490110..db22934 100644
--- a/external/lcms2/UnpackedTarball_lcms2.mk
+++ b/external/lcms2/UnpackedTarball_lcms2.mk
@@ -19,6 +19,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,lcms2,\
external/lcms2/lcms2-vc2013-project.patch \
external/lcms2/lcms2-config-guess.patch.0 \
external/lcms2/ubsan.patch.0 \
+ external/lcms2/0001-Added-an-extra-check-to-MLU-bounds.patch.1 \
))
# vim: set noet sw=4 ts=4:
commit 9806bdaa1ee2d38dc63b0c8c85dbe9a8fadef488
Author: Michael Stahl <mstahl at redhat.com>
Date: Mon Aug 29 13:01:42 2016 +0200
download.lst: clean up duplicate FIREBIRD tarballs
Change-Id: I3511e00a638f186b367d1c350e7334e340b6c4b7
diff --git a/download.lst b/download.lst
index c4ab49a..88e30fe 100644
--- a/download.lst
+++ b/download.lst
@@ -35,10 +35,6 @@ export ETONYEK_VERSION_MICRO := 6
export ETONYEK_TARBALL := libetonyek-0.1.$(ETONYEK_VERSION_MICRO).tar.bz2
export EXPAT_MD5SUM := 2f47841c829facb346eb6e3fab5212e2
export EXPAT_TARBALL := expat-2.2.0.tar.bz2
-export FIREBIRD_MD5SUM := b0b5293991fcf07347b38431c80be1d4
-export FIREBIRD_TARBALL := Firebird-2.5.5.26952-0.tar.bz2
-# FIREBIRD_MD5SUM := b259c2d1c60a03bd104108405ae990a7
-# export FIREBIRD_TARBALL := Firebird-3.0-alpha1-20130302.tar.gz
export FIREBIRD_MD5SUM := 821260b61dafc22899d1464d4e91ee6a
export FIREBIRD_TARBALL := Firebird-3.0.0.32483-0.tar.bz2
export FONTCONFIG_TARBALL := 77e15a92006ddc2adbb06f840d591c0e-fontconfig-2.8.0.tar.gz
@@ -95,9 +91,9 @@ export LIBEXTTEXTCAT_TARBALL := 10d61fbaa6a06348823651b1bd7940fe-libexttextcat-3
export LIBGLTF_MD5SUM := d63a9f47ab048f5009d90693d6aa6424
export LIBGLTF_TARBALL := libgltf-0.0.2.tar.bz2
export LIBLANGTAG_TARBALL := aa899eff126216dafe721149fbdb511b-liblangtag-0.5.8.tar.bz2
-export LIBXMLSEC_TARBALL := 0fb1bb06d60d7708abc4797008209bcc-xmlsec1-1.2.22.tar.gz
export LIBTOMMATH_MD5SUM := da283d2e3e72137d0c600ac36b991c9d
export LIBTOMMATH_TARBALL := ltm-1.0.zip
+export LIBXMLSEC_TARBALL := 0fb1bb06d60d7708abc4797008209bcc-xmlsec1-1.2.22.tar.gz
export LIBXML_TARBALL := ae249165c173b1ff386ee8ad676815f5-libxml2-2.9.4.tar.gz
export LIBXSLT_TARBALL := a129d3c44c022de3b9dcf6d6f288d72e-libxslt-1.1.29.tar.gz
export LPSOLVE_TARBALL := 26b3e95ddf3d9c077c480ea45874b3b8-lp_solve_5.5.tar.gz
More information about the Libreoffice-commits
mailing list